Re: landscape, spiffe, opa, vault

Home Messages Hashtags Subgroups

#1373

Re: landscape, spiffe, opa, vault

alexis richardson #1373 On Wed, Nov 15, 2017 at 7:52 PM, Sunil James <sunil@...> wrote: Tough one, but I'd say "yes." I am ok with that. Wonder what others think? FWIW, we should probably read through RFC 2989 (specifically the agreed-upon terminology) for historical context. Is that an offer? ;-) a --- SJ \| sunil@... \| Scytale & SPIFFE On Wed, Nov 15, 2017 at 11:32 AM, Alexis Richardson <alexis@...> wrote: would you suggest moving key management to AAA? On Wed, Nov 15, 2017 at 6:09 PM, Sunil James via cncf-toc <cncf-toc@...> wrote: +1 to this framing, particularly to its cross-cutting nature. While I agree 'security' is a natural starting bucket, the value propositions these (and other) projects address go beyond this (over time). Visually, perhaps the TOC should consider a "AAA" box (or something more elegantly worded) to the right (or left) of 'Service Management'? --- SJ \| sunil@... \| Scytale & SPIFFE On Wed, Nov 15, 2017 at 8:13 AM, Tim Hinrichs via cncf-toc <cncf-toc@...> wrote: +1 to the Authentication (SPIFFE, spire), Authorization (OPA), Audit (?). Classically these are part of Security, but there's no box for that. AAA is typically cross-cutting. OPA, for example, has integrations with Kube (orchestration), Istio (app), Terraform (provisioning), AWS (cloud). Tim On Wed, Nov 15, 2017 at 7:33 AM Guru Chahal via cncf-toc <cncf-toc@...> wrote: Similar functions have often been classified as "AAA" in traditional systems (Authentication, Authorization, Accounting). I agree that no box really captures these well today - the closest are likely 'coordination and service discover' or perhaps 'service management'. I'd imagine 'service management' is the the likely best current home... Istio is listed there as well today (most adjacent to these projects today). -Guru On Wed, Nov 15, 2017 at 6:59 AM, Alexis Richardson via cncf-toc <cncf-toc@...> wrote: That was where I was going... Do others agree? On Wed, Nov 15, 2017 at 2:58 PM, Nick Chase <nchase@...> wrote: I think OPA belongs in the top layer but I don't think it fits in any of the existing subcategories. In fact I feel that way about all three. ---- Nick On Wednesday, November 15, 2017, Alexis Richardson via cncf-toc <cncf-toc@...> wrote: All, Question about the landscape. https://raw.githubusercontent.com/cncf/landscape/master/landscape/CloudNativeLandscape_latest.jpg - do we want to put OPA in the top layer, either inside, or next to App Def? - what about identity - spiffe and spire? - do we think key management should move to top layer? a _______________________________________________ cncf-toc mailing list cncf-toc@... https://lists.cncf.io/mailman/listinfo/cncf-toc _______________________________________________ cncf-toc mailing list cncf-toc@... https://lists.cncf.io/mailman/listinfo/cncf-toc _______________________________________________ cncf-toc mailing list cncf-toc@... https://lists.cncf.io/mailman/listinfo/cncf-toc _______________________________________________ cncf-toc mailing list cncf-toc@... https://lists.cncf.io/mailman/listinfo/cncf-toc
More All Messages By This Member

View All 11 Messages In Topic

#1373

Join {cncf-toc@lists.cncf.io to automatically receive all group messages.

Home Hashtags Subgroups Terms